James wrote:
We just realized (only took a couple of months) thatthe SysAdmin from the company which we colocate our server had set himself up a root access.<snip>
Graeme wrote:
If the machine is leased from the ISP, then it's a different matter... since it presumably 'remains their property at all times'.
The machine is leased from the ISP. We have had the conversation before though that we are the only ones with access to the machine. They, nor anybody, else have access. It is up to us to make sure the machine stays secure. These are the SysAdmins words.
It was also stated from the getgo that we are wholly responsable for the server and all its operations.
I am waiting for an official response from the ISP. I will let you all know how things go. In the meantime, we are going to hire a trusted security expert to check the machine out for us, to the best of their ability, and to seal the machine up the best they can.
James